Vulnerabilities > CVE-2019-3831

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

ovirt

redhat

nessus

NVD

Published: 2019-03-25

Updated: 2020-10-19

Summary

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.

Vulnerable Configurations

Part	Description	Count
Application	Ovirt Ovirt Vdsm 4.19 Ovirt Vdsm 4.19.1 Ovirt Vdsm 4.19.2 Ovirt Vdsm 4.19.3 Ovirt Vdsm 4.19.4 Ovirt Vdsm 4.19.5 Ovirt Vdsm 4.19.6 Ovirt Vdsm 4.19.7 Ovirt Vdsm 4.19.8 Ovirt Vdsm 4.19.9 Ovirt Vdsm 4.19.10 Ovirt Vdsm 4.19.10.1 Ovirt Vdsm 4.19.11 Ovirt Vdsm 4.19.12 Ovirt Vdsm 4.19.13 Ovirt Vdsm 4.19.14 Ovirt Vdsm 4.19.15 Ovirt Vdsm 4.19.16 Ovirt Vdsm 4.19.17 Ovirt Vdsm 4.19.18 Ovirt Vdsm 4.19.19 Ovirt Vdsm 4.19.20 Ovirt Vdsm 4.19.21 Ovirt Vdsm 4.19.22 Ovirt Vdsm 4.19.23 Ovirt Vdsm 4.19.24 Ovirt Vdsm 4.19.25 Ovirt Vdsm 4.19.26 Ovirt Vdsm 4.19.27 Ovirt Vdsm 4.19.28 Ovirt Vdsm 4.19.29 Ovirt Vdsm 4.19.30 Ovirt Vdsm 4.19.31 Ovirt Vdsm 4.19.32 Ovirt Vdsm 4.19.33 Ovirt Vdsm 4.19.34 Ovirt Vdsm 4.19.35 Ovirt Vdsm 4.19.36 Ovirt Vdsm 4.19.37 Ovirt Vdsm 4.19.38 Ovirt Vdsm 4.19.39 Ovirt Vdsm 4.19.40 Ovirt Vdsm 4.19.41 Ovirt Vdsm 4.19.42 Ovirt Vdsm 4.19.43 Ovirt Vdsm 4.19.44 Ovirt Vdsm 4.19.45 Ovirt Vdsm 4.19.46 Ovirt Vdsm 4.19.47 Ovirt Vdsm 4.19.48 Ovirt Vdsm 4.19.49 Ovirt Vdsm 4.19.50 Ovirt Vdsm 4.19.51 Ovirt Vdsm 4.20.0 Ovirt Vdsm 4.20.1 Ovirt Vdsm 4.20.2 Ovirt Vdsm 4.20.3 Ovirt Vdsm 4.20.4 Ovirt Vdsm 4.20.5 Ovirt Vdsm 4.20.6 Ovirt Vdsm 4.20.7 Ovirt Vdsm 4.20.8 Ovirt Vdsm 4.20.9 Ovirt Vdsm 4.20.9.1 Ovirt Vdsm 4.20.9.2 Ovirt Vdsm 4.20.9.3 Ovirt Vdsm 4.20.10 Ovirt Vdsm 4.20.11 Ovirt Vdsm 4.20.12 Ovirt Vdsm 4.20.13 Ovirt Vdsm 4.20.14 Ovirt Vdsm 4.20.15 Ovirt Vdsm 4.20.16 Ovirt Vdsm 4.20.17 Ovirt Vdsm 4.20.18 Ovirt Vdsm 4.20.19 Ovirt Vdsm 4.20.20 Ovirt Vdsm 4.20.21 Ovirt Vdsm 4.20.22 Ovirt Vdsm 4.20.23 Ovirt Vdsm 4.20.24 Ovirt Vdsm 4.20.25 Ovirt Vdsm 4.20.26 Ovirt Vdsm 4.20.27 Ovirt Vdsm 4.20.27.1 Ovirt Vdsm 4.20.28 Ovirt Vdsm 4.20.29 Ovirt Vdsm 4.20.30 Ovirt Vdsm 4.20.31 Ovirt Vdsm 4.20.32 Ovirt Vdsm 4.20.33 Ovirt Vdsm 4.20.34 Ovirt Vdsm 4.20.35 Ovirt Vdsm 4.20.36 Ovirt Vdsm 4.20.37 Ovirt Vdsm 4.20.38 Ovirt Vdsm 4.20.39 Ovirt Vdsm 4.20.39.1 Ovirt Vdsm 4.20.40 Ovirt Vdsm 4.20.41 Ovirt Vdsm 4.20.42 Ovirt Vdsm 4.20.43 Ovirt Vdsm 4.20.44 Ovirt Vdsm 4.20.45 Ovirt Vdsm 4.20.46 Ovirt Vdsm 4.20.47 Ovirt Vdsm 4.30.1 Ovirt Vdsm 4.30.2 Ovirt Vdsm 4.30.3 Ovirt Vdsm 4.30.5 Ovirt Vdsm 4.30.6 Ovirt Vdsm 4.30.7 Ovirt Vdsm 4.30.8	113
Application	Redhat Redhat Gluster Storage 3.0	1

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-0458.NASL
description	An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host
last seen	2020-06-01
modified	2020-06-02
plugin id	122738
published	2019-03-11
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122738
title	RHEL 7 : Virtualization Manager (RHSA-2019:0458)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-0457.NASL
description	An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
last seen	2020-06-01
modified	2020-06-02
plugin id	122737
published	2019-03-11
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122737
title	RHEL 7 : Virtualization Manager (RHSA-2019:0457)

Redhat

rpms

redhat-release-virtualization-host-0:4.2-8.3.el7
redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6
redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7
vdsm-0:4.20.47-1.el7ev
vdsm-api-0:4.20.47-1.el7ev
vdsm-client-0:4.20.47-1.el7ev
vdsm-common-0:4.20.47-1.el7ev
vdsm-gluster-0:4.20.47-1.el7ev
vdsm-hook-checkips-0:4.20.47-1.el7ev
vdsm-hook-cpuflags-0:4.20.47-1.el7ev
vdsm-hook-ethtool-options-0:4.20.47-1.el7ev
vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev
vdsm-hook-fcoe-0:4.20.47-1.el7ev
vdsm-hook-localdisk-0:4.20.47-1.el7ev
vdsm-hook-macspoof-0:4.20.47-1.el7ev
vdsm-hook-nestedvt-0:4.20.47-1.el7ev
vdsm-hook-openstacknet-0:4.20.47-1.el7ev
vdsm-hook-vhostmd-0:4.20.47-1.el7ev
vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev
vdsm-http-0:4.20.47-1.el7ev
vdsm-jsonrpc-0:4.20.47-1.el7ev
vdsm-network-0:4.20.47-1.el7ev
vdsm-python-0:4.20.47-1.el7ev
vdsm-yajsonrpc-0:4.20.47-1.el7ev

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831

Vulnerabilities > CVE-2019-3831 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2019-3831"}]}

Summary

Vulnerable Configurations

Nessus

Redhat

References

Vulnerabilities > CVE-2019-3831